Within the past decade, the number of users accessing computer networks such as the Internet has exploded. Typically, users access the Internet through an Internet Service Provider (ISP). A network user attempting to gain access to the Internet or a corporate local area network (LAN) must generally enter a username and password for identification verification purposes. A problem with this process is that the password is generally not secure when transmitted to the ISP using many standard authentication protocols.
FIG. 1 illustrates a diagram of a prior art ISP network configuration 100 in which network user credentials are authenticated using an insecure method. An ISP network 145 includes a network access server (NAS) 120 connected to a modem pool 115 and to the Internet 150 via a gateway 125. The ISP network 145 is also connected to an authentication server (AAA server) 135. The AAA server 135 may be local to the ISP network 145 or in a remote location a great distance from the ISP Network 145.
To establish an Internet connection, a network user typically executes a dial-up networking application on a network access device 105. The dial-up networking application prompts the network user to enter a network username and a network password and manipulates a modem 110 in order to initiate a modem session with the modem pool 115 over a public switched telephone network (PSTN) 140. After a modem session has been established, the dial-up networking application begins communicating with the NAS 120 for purposes of establishing a data connection and authenticating the network user.
One of the more common data communication protocols used to establish connections between computers is the point-to-point protocol (PPP). One particularly well-known authentication protocol, which is commonly used in conjunction with PPP, is the Password Authentication Protocol (PAP). A dial-up networking application configured to use PAP repeatedly sends the username and password pair over the established data connection until an authorization acknowledgement signals is received or the connection is terminated. The dial-up networking application is configured to control the frequency and timing of the username and password transmission.
A problem with PAP is that the password is not encrypted before it is sent over the data connection, but instead, it is sent as clear text. This means that the password is susceptible to interception by a hacker. For example, a hacker with access to the data connection can use a network monitoring application to capture and display data packets that are sent across the data connection. Such network monitoring applications are common and are often referred to as packet sniffing or packet snooping applications due to their illicit use.
Referring again to FIG. 1, once the username and password pair is received at the NAS 120, Remote Authentication Dial In User Service (RADIUS), another standard authentication protocol, is typically used to transmit the network username and password pair to an ISP authentication system 155. The RADIUS protocol provides for the symmetric encryption of the password before it is sent to the AAA server 135 in the ISP authentication system 155. The encryption method is considered symmetric because the NAS 120 and the AAA server 135 share a secret key used in the encryption algorithm. The NAS 120 uses the secret key to “lock”, or encrypt, the password, while the AAA server 135 uses the secret key to “unlock”, or decrypt, the password before checking the password against the password stored in an authentication database 130.
A problem with the RADIUS symmetric encryption method is that it is susceptible to a form of attack known as a “dictionary” attack. In a dictionary attack, a hacker with knowledge of the encryption algorithm intercepts an encrypted password with a packet sniffing application. Then, the hacker repeatedly tries a series of keys until one is found that yields readable characters. To make matters worse, once the secret key is compromised, a hacker can readily decrypt any password intercepted between the NAS 120 and the AAA server 135.
In response to the weaknesses inherent in the PAP/RADIUS authentication method just described, the Challenge Handshake Authentication Protocol (CHAP) was developed. In a system implemented to use CHAP, the dial-up application in the network access device 105 negotiates with the NAS 120 to use CHAP as the authentication protocol, instead of PAP. Next, the NAS 120 generates a random number and sends it to the network access device 105. The dial-up networking application executing on the network access device 105 uses the random number to generate a non-reversible hash of the password, which is then sent to the NAS 120. The NAS 120 then uses the RADIUS protocol and sends the non-reversible hash and the random number used to generate the hash to the AAA server 135. The AAA server 135 retrieves the clear text password from the authentication database 130 and repeats the hash operation using the random number received from the NAS 120. Finally, the AAA server 135 compares its generated hash value with the hash value received from the NAS 120. If the hash values are the same, the authentication is considered successful and the AAA server 135 sends the appropriate acknowledgement signal to the network access device 105.
A problem with the CHAP/RADIUS method for user authentication is that all three systems, namely the network access device 105, the NAS 120 and the AAA server 135, must be configured to use CHAP in order to take advantage of the added security. If any of the three are not configured to use CHAP, the dial-up networking application on the network access device 105 uses the PPP protocol to negotiate with the NAS 120 to use PAP as the authentication protocol.
Another disadvantage of using the CHAP/RADIUS method is that in order for CHAP to be implemented properly, the AAA server 135 must have access to clear text passwords. Many authentication systems do not store passwords in clear text form because of the added security risk that would result if the system were compromised and the passwords stolen.
More recently, authentication systems have deployed an authentication protocol referred to as Extensible Authentication Protocol (EAP). EAP works in much the same way as CHAP, except that the AAA server 135, not the NAS 120, generates the random number which the network access device 105 uses to hash the password. Consequently, EAP is subject to the same disadvantages of CHAP. Particularly, EAP is only effective if all systems in the authentication chain employ EAP.
With the advent of Broadband access, both wireless and wireline (ethernet) access providers employ web browser based authentication systems. The web browser uses Hyper Text Transport Protocol (HTTP) or Hyper Text Transport Protocol over Secure sockets layer (HTTPS) for transmitting the user credentials to the access point. A problem with HTTP is that the password is not encrypted before it is sent over the data connection, but instead, it is sent as clear text. This means that the password is susceptible to interception by a hacker. For example, a hacker with access to the data connection can use a network monitoring application to capture and display data packets that are sent across the data connection. Such network monitoring applications are common and are often referred to as packet sniffing or packet snooping applications due to their illicit use. A problem with HTTPS is that the access point needs to obtain the certificate from a well-known Certificate Authority (CA). This increases the cost of setting up the access point. The strength of the encryption used by HTTPS is regulated by government export restrictions. The web browsers include the weaker keys by default, and the users are expected to upgrade the encryption strength depending upon export restrictions. For the purposes of this specification, the term “connection application” should be construed as including, but not limited to, any device (both hardware and software) including functionality to authenticate data e.g., a peer-to-peer authentication arrangement, a dialer, a smart client, a browser, a supplicant, a smart card, a token card, a PDA connection application, a wireless connection, an embedded authentication client, an Ethernet connection, or the like.